Wireless 802.1x with Window 7

I have a WLC 6.0, ACS 3.3 and the SSID is setup to use 802.1x with Peap Authentication. The clients are using Windows 7 to connect to wireless. To get the clients connected they have to go into there network properties if the wireless card, configure the client to use PEAP, uncheck validate server certificate, and also uncheck use computer name to login into windows. This works fine and the user to able to connect to to wireless after dong all these steps and then entering in there Windows Username and Password. The customer is saying that this is to many steps for the end user and they just want the user to to click on the SSID and connect. If wireless could also be setup to use there windows username and password would be a bonus. I'm basically looking for a solution that is simple but is also secure as well. I know that's an oxymoron. Is there anything I could do to make the wireless process simpler. Either by going with a different security authentication or by doing something different on the clients computers. Thanks for any help and suggestions.

This is a script that we use on our campus (University of Leeds), that self configures an 802.1x connection and when a user connects to an 802.1x connection merely asks them for their username and password, which then remained cached.

The .exe you create takes away all the techy bits that do 'confuse' some users, even if they are provided with well written documentation.

Share:

Replies

What do clients' Windows usernames and passwords authenticate against as it stands now? I would set up an Active Directory if that's not what's currently set up and integrate your ACS with the AD.

Secondly, you have two options to make it easier on your lazy users. You could look into scripting your profile for Wireless Zero Config or look at supplicants which make it easy to import profiles. Intel Proset Tools lets you import/export profiles, although I've never used it.

This is a script that we use on our campus (University of Leeds), that self configures an 802.1x connection and when a user connects to an 802.1x connection merely asks them for their username and password, which then remained cached.

The .exe you create takes away all the techy bits that do 'confuse' some users, even if they are provided with well written documentation.

All of these setings can be controlled using "netsh" form the command line. I would suggest getting one system setup how you wnat. Then export the Wireless profile and import on other manchine. You could of course script the import so the users would not have to do anything but click on a single file.